Patent classifications
G06F2221/031
DATA SECURITY PROCESSING TERMINAL, SYSTEM AND METHOD
The application provides a data security processing terminal, system and method, and relates to the field of data processing. The data security processing terminal includes: an image acquisition device configured to acquire image data and transmit the image data to a Trust Execution Environment through a secure channel; an image acquisition driver operating in the Trust Execution Environment and configured to drive, in response to a drive instruction from a processor, the image acquisition device to acquire the image data; the processor operating in the Trust Execution Environment and configured to send the drive instruction to the image acquisition driver, obtain the image data, encrypt the image data using a stored first key to obtain image ciphertext data, and output the image ciphertext data. The technical solution of the present application can be used to ensure the security of image data.
SYSTEMS AND METHODS FOR PROCESSING DIGITAL EVIDENCE
A computer-implemented method for processing digital evidence, the method comprising: storing a digital media file (4); in response to a request from a first user to access the digital media file (4): redacting a first portion of content from a copy of the digital media file (4) to produce a first redacted digital media file (10); and providing the first redacted digital media file (10) to the first user; and in response to a request from a second user to access the digital media file (4): redacting a second portion of content from a further copy of the digital media file (4) to produce a second redacted digital media file (11), wherein the second portion of content is at least partly different from the first portion of content; and providing the second redacted digital media file (11) to the second user, such that the first and second users are provided with copies of the digital media file (4) that are redacted differently from one another.
TWO-DIMENSIONALITY DETECTION METHOD FOR INDUSTRIAL CONTROL SYSTEM ATTACKS
A two-dimensionality detection method for industrial control system attacks: collecting data; transmitting the data to a PLC and an embedded attack detection system; uploading, by the PLC, received data to an SCADA system; transmitting, by the SCADA system, the data to the embedded attack detection system after classifying and counting the data; before starting detection, directly reading, by the embedded attack detection system, the data measured by sensors; refining data association relationships and probability distribution characteristics of the sensors of normal operation to complete storage of health data model; after starting detection, in first dimensionality, comparing the data collected directly by the sensors with statistical data of the SCADA system to judge the attacked condition of the SCADA system, and in second dimensionality, comparing the characteristics of the data collected directly by the sensors and counted online with the health data model to judge the attacked condition of the sensors.
KEYPAD SECURITY
A method for detecting a fake keypad includes: monitoring outputs of plural magnetic field sensors connected to a keypad; detecting the output of at least one of the magnetic field sensors indicates the presence of a magnetic field; starting, in response to the detecting, a timer; determining the first timer reaches a first threshold while the output of the at least one of the magnetic field sensors still indicates the presence of a magnetic field; in response to the timer reaching the first threshold, determining a number of the magnetic field sensors whose output indicates the presence of a magnetic field equals or exceeds a second threshold; in response to the number of the magnetic field sensors equaling or exceeding the second threshold, determining a security action; and initiating the security action.
Monitoring an enterprise system utilizing hierarchical clustering of strings in data records
An apparatus includes a processing device configured to obtain data records associated with an enterprise system comprising strings associated with an attribute. The processing device is also configured to generate a similarity matrix with entries comprising values characterizing similarity between respective pairs of the strings. The processing device is further configured to apply a thresholding filter to values in the entries of the similarity matrix to create an adjacency matrix, and to construct a graph network of the data records based at least in part on the adjacency matrix, wherein the graph network comprises edges connecting pairs of the data records. The processing device is further configured to perform a clustering operation on the graph network to identify clusters of the data records for the attribute, and to initiate remedial action in the enterprise system responsive to identifying a given cluster comprising a given subset of the data records.
SECURE PASSWORD ENTRY METHOD AND SYSTEM
A method and system for safely entering a password, the method comprising: a smart key device receives a password verification request sent from an upper computer, generates and displays randomly arranged characters, and returns a password verification response to the upper computer; upon the reception of the password verification response, the upper computer displays a password input interface and waits for a user to input, upon the reception of a user input, obtains a password acquisition response according to the user input, and sends the password acquisition response to the smart key device; and the smart key device determines whether the user input is correct according to the received password acquisition response. By means of the present invention, a password input solution in which a user needs to click a different position every time a password character is entered is achieved. In addition, the numbers are not displayed on the screen of the upper computer, so the security of the user's digital assets is further ensured.
METHOD OF BLOCKING ACCESS OF THREATENING USER AND PROGRAM SECURITY APPLICATION METHOD
A method of blocking access of a threatening user includes (a) executing an application on a user terminal, (b) collecting, by the user terminal, access information and transmitting the access information to a server unit, (c) determining, by the server unit, whether a user is a target whose access is to be blocked on the basis of the access information, (d) transmitting, by the server unit, a normal execution code or a blocking message to the user terminal according to a result of the determination, and (e) executing the user terminal according to the normal execution code or the blocking message.
Network security using root of trust
Disclosed are systems, methods, and non-transitory computer-readable media for network security using Root of Trust (RoT). A node in the vehicle networking system receives an authentication message from an adjacent node in the vehicle networking system. The authentication message includes identifying information of the adjacent node that is digitally signed with a digital signature having been generated using a private key. The adjacent node accessed the identifying information of the second node from a source image authenticated during a secure boot of the adjacent node. The node accesses a public key available to the node and authenticates the adjacent node based on the public key and the digital signature included in the authentication message.
PREVENTION OF INADVERTENT PASSWORD DISCLOSURE
In one aspect, an example methodology implementing the disclosed techniques includes, by a computing device, determining whether a user interface element having focus is a secure input and, responsive to a determination that the user interface element is a secure input, preventing the focus from changing away from the user interface element. The method also includes, by the computing device, responsive to a determination that the user interface element is a secure input, allowing the focus to change away from the user interface element in response to a determination that an input to the user interface element is complete. The method may further include, by the computing device, responsive to a determination that the user interface element is not a secure input, allowing the focus to be moved to another user interface element.
SECURE KEYBOARD RESOURCE LIMITING ACCESS OF USER INPUT TO DESTINATION RESOURCE REQUESTING THE USER INPUT
A secure keyboard resource executed in a network device detects a user input, and generates a user input data structure representing the user input relative to input options presented to the user, the user input data structure based on the secure keyboard resource identifying a position of the user input relative to the input options. The secure keyboard resource sends the user input data structure to one or more executable destination resources, having requested supply of the user input data structure responsive to a user selection, only via a corresponding data path providing the destination resource with access to the user input data structure, for execution of a service by the one or more executable destination resources based on the user input data structure. The secure keyboard resource thus minimizes spying by limiting access of the user input data structure to the destination resource via the data path.